Privacy Policy
At MamaMilk Co., we take your privacy seriously. This policy explains how we collect, use, protect, and handle your personal information, including sensitive health and financial data. MamaMilk is designed for postpartum and breastfeeding mothers and collects deeply personal health information — we treat this data with the utmost care, security, and respect.
Information We Collect
Account Information:
Email address, name, and profile details you provide during registration.
Sensitive Health Data:
We collect the following health information that you voluntarily enter:
- Lactation data: Pumping sessions (duration, volume), breastfeeding sessions, milk. stash inventory
- Baby feeding logs: Type and amounts of breastmilk or formula given
- Menstrual cycle data: Start/end dates, flow intensity, symptoms
- Mood & mental health: Mood levels, energy, feelings, mental wellness notes
- Sleep data: Sleep duration and quality (manual or via wearables)
- Physical activity: Steps, calories, active minutes (via wearables)
- Heart rate & HRV: Resting heart rate and variability (via wearables)
- Nutrition: Water intake, food logs, meal types
This sensitive health data is used solely to provide app functionality. It is never sold, rented, or shared for advertising or marketing purposes.
Payment Information:
We use Stripe to process subscription payments. We do not store your credit card details on our servers. Stripe securely handles all payment information in compliance with PCI DSS standards.
Privacy
How We Use Your Information
How We Use Your Information
- To provide and improve the app's features and personalized recommendations
- To generate insights and analytics about your health patterns
- To process subscription payments and manage your account
- To send you important notifications and reminders (if enabled)
- To comply with legal obligations and protect our rights
Protection of Sensitive Health Information
Your health data — including menstrual, lactation, and mental health information — is extremely sensitive. We treat it with the highest level of security and care:
- Encryption: All health data is encrypted both in transit (HTTPS/TLS) and at rest using industry-standard encryption
- Access Control: Only you can access your health data. We implement strict authentication and authorization controls
- No Selling or Advertising: We will NEVER sell, rent, license, or share your health information with third parties for marketing, advertising, or commercial profiling purposes
- No Cross-App Tracking: Your data is never used to track you across other apps or websites
- De-identification: Any aggregate analytics we perform use de-identified data that cannot be traced back to you
- Minimal AI Data Use: When AI recommendations are generated, only the minimum necessary data is used, and it is not retained by AI providers for training
Financial Data Security
We prioritize the security of your payment information:
- No Card Storage: We do not store your credit card numbers or payment details on our servers
- PCI Compliance: All payments are processed through Stripe, a PCI DSS Level 1 certified payment processor
- Secure Transactions: All payment transactions use industry-standard encryption
- Subscription Management: You can cancel your subscription at any time through your profile settings
Data Sharing & Third Parties
We only share your information with trusted third-party service providers who help us operate the app:
- Stripe: For secure payment processing (subscription billing)
- Base44 Platform: Our hosting and database infrastructure provider
- AI Services: For generating personalized recommendations (data is anonymized)
All third-party providers are bound by confidentiality agreements and security standards.
Your Rights
- Access: You can view all your data within the app at any time
- Correction: You can edit or update your information anytime
- Deletion: You can delete individual records or request full account deletion
- Portability: You can export your data upon request
- Opt-out: You can disable notifications and reminders at any time
Data Retention & Deletion
We retain your data only as long as necessary to provide our services and comply with legal obligations.
If you delete your account, we will permanently delete your personal data within 30 days, except for:
- Information required for legal or regulatory compliance
- De-identified analytics data that cannot be linked to you
Children's Privacy
Our app is designed for adults (18+). We do not knowingly collect personal information from children under 18. If you believ e we have collected information from a child, please contact us immediately.
Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of the app after changes constitutes acceptance of the updated policy.
App Store Privacy Disclosure
In accordance with Apple App Store requirements, here is a summary of data we collect and how it is used:
- Data Linked to You
- Contact info (email, name), Health & fitness data (lactation, menstrual, mood, sleep, activity, heart rate), User content (food logs, notes, community posts), Purchases (subscription), Identifiers (user ID)
- Contact info (email, name), Health & fitness data (lactation, menstrual, mood, sleep, activity, heart rate), User content (food logs, notes, community posts), Purchases (subscription), Identifiers (user ID)
- Data NOT Collected
- Location, browsing history, search history, contacts, photos, financial/card data
- Location, browsing history, search history, contacts, photos, financial/card data
- Tracking
- We do not track you across third-party apps or websites.
- We do not track you across third-party apps or websites.
Questions or Concerns?
If you have any questions about this privacy policy or how we handle your data, please contact us. We're committed to protecting your privacy and addressing your concerns.
Your trust is our priority. 💚